> Saying that there's no malware for Linux because there's no reward is myopic - the payoff is potentially larger.
I didn’t say that. My comment was really just commenting on the fact that most attacks (mal/ransomware/phishing/exploits) very frequently need some sort of user interaction. Without users, or users doing user stuff, it makes it harder to get things to execute on the machine/server. Sure, if the server is in the DMZ and unpatched then yes, it will be hammered by scanners and automated exploiters. With proper security hygiene and a proper patch cadence, servers are usually more protected through defense in depth and lack of humans.
One would hope, but that doesn't solve many problems.
Just this week I did some work for a client (a tech company) on a public facing webapp.
After fixing the issues, I gave the manager and their architects who had been reviewing my PRs a short list of errors that I noticed in the current app.
They politely declined to have them fixed, but want to proceed with another engagement for more features.
I think we've probably all seen mistakes being made by people who should know better in the industry, but servers must still be a much harder target than, for example, my dad, who somehow gets his browser hijacked by a different malicious extension a couple of times a year.
It's been probably 20 years since I've seen passwords stored as plain text at any company I've dealt with, which is some progress at least!
If you pwn just one server you can attack thousands of people, their data, their credentials, etc.
Saying that there's no malware for Linux because there's no reward is myopic - the payoff is potentially larger.